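---
# Swarm stack: LLDAP (lightweight LDAP directory) backed by PostgreSQL.
#
# Credentials are no longer stored in this file. Each one is read from the
# deploying shell's environment via ${VAR:?...}, so the deploy fails fast when
# a value is missing:
#   LLDAP_DB_PASSWORD  - PostgreSQL password for the "lldap" role
#   LLDAP_ADMIN_PASS   - LLDAP admin bind password
#   LLDAP_JWT_SECRET   - LLDAP JWT signing secret
#   LLDAP_KEY_SEED     - LLDAP server key seed
# Treat the literal values that previously lived in this file as exposed and
# rotate them.
# NOTE(review): interpolated values still appear in the service spec
# (`docker service inspect`). Swarm secrets with file-based variables such as
# POSTGRES_PASSWORD_FILE avoid that; confirm which *_FILE variables lldap
# supports before switching.
version: "3.9"

networks:
  netgrimoire:
    external: true

services:
  lldap-db:
    # Mutable tag: pin by digest if image updates must be reviewed first.
    image: postgres:16
    networks:
      - netgrimoire
    # user: "1001:998"
    environment:
      - TZ=America/Chicago
      # NOTE(review): PUID/PGID are presumably not read by this image; confirm.
      - PUID=1001
      - PGID=998
      - POSTGRES_DB=lldap
      - POSTGRES_USER=lldap
      # Only applied when the data directory is first initialised. Rotating an
      # existing database also needs the role's password changed in PostgreSQL.
      - 'POSTGRES_PASSWORD=${LLDAP_DB_PASSWORD:?set LLDAP_DB_PASSWORD}'
    volumes:
      - /DockerVol/lldap-db/data:/var/lib/postgresql/data
    deploy:
      placement:
        constraints:
          - node.hostname == docker4
      labels:
        - diun.enable=true
    # Ignored by `docker stack deploy`; only honoured by non-swarm compose.
    restart: unless-stopped

  lldap:
    # Mutable tag: pin by digest if image updates must be reviewed first.
    image: lldap/lldap:stable
    networks:
      - netgrimoire
    # user: "1001:998"
    environment:
      - TZ=America/Chicago
      - PUID=1001
      - PGID=998
      # Base DN
      - LLDAP_LDAP_BASE_DN=dc=netgrimoire,dc=com
      - LLDAP_DOMAIN=netgrimoire.com
      # User/admin bind password
      - 'LLDAP_LDAP_USER_PASS=${LLDAP_ADMIN_PASS:?set LLDAP_ADMIN_PASS}'
      # Generated secrets: supply fresh random values.
      # NOTE(review): changing the key seed presumably invalidates stored user
      # passwords; check the lldap documentation before rotating it.
      - 'LLDAP_JWT_SECRET=${LLDAP_JWT_SECRET:?set LLDAP_JWT_SECRET}'
      - 'LLDAP_KEY_SEED=${LLDAP_KEY_SEED:?set LLDAP_KEY_SEED}'
      # Postgres. The password is embedded in a URL, so it must be
      # percent-encoded if it contains reserved characters such as "@" or ":".
      # A generated password from a URL-safe alphabet lets the same value serve
      # here and in POSTGRES_PASSWORD.
      - 'LLDAP_DATABASE_URL=postgres://lldap:${LLDAP_DB_PASSWORD:?set LLDAP_DB_PASSWORD}@lldap-db:5432/lldap'
    volumes:
      - /DockerVol/lldap/data:/data
    # Expose to LAN via swarm routing mesh (ingress)
    ports:
      # NOTE(review): publishing the web UI here makes it reachable on every
      # swarm node without passing through the Caddy/Authentik route declared
      # in the labels below. Drop this entry if the UI should only be reached
      # through the proxy (Caddy connects over the netgrimoire network).
      - target: 17170
        published: 17170
        protocol: tcp
        mode: ingress
      # Plain LDAP: bind passwords cross the LAN unencrypted. Prefer LDAPS
      # (below) for clients that are not on the overlay network.
      - target: 3890
        published: 3890
        protocol: tcp
        mode: ingress
      # If/when you enable LDAPS:
      # - target: 6360
      #   published: 6360
      #   protocol: tcp
      #   mode: ingress
    deploy:
      placement:
        constraints:
          - node.hostname == docker4
      labels:
        # Homepage
        - homepage.group=Management
        - homepage.name=LLDAP
        - homepage.icon=ldap.png
        - homepage.href=https://ldap.netgrimoire.com
        - homepage.description=Lightweight LDAP directory
        # Kuma
        - kuma.lldap.http.name=LLDAP
        - kuma.lldap.http.url=http://lldap:17170
        # Caddy / Authentik (protect UI)
        - caddy=ldap.netgrimoire.com
        - caddy.import=authentik
        - caddy.reverse_proxy=lldap:17170
        # Diun
        - diun.enable=true
    # depends_on and restart are ignored by `docker stack deploy`; lldap has
    # to tolerate the database not being ready yet.
    depends_on:
      - lldap-db
    restart: unless-stopped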